Hiding sensitive data

ABSTRACT

Example implementations relate to hiding sensitive data. For example, a device according to the present disclosure may include a scanning portion to receive a scan of a document, and a graphical user interface to receive a command with respect to the sensitive data. The device may also include a processor to analyze the scan of the document, process the command via the graphical user interface, determine the document contains sensitive data in response to the command, and perform an action to hide the sensitive data.

BACKGROUND

Sensitive data is defined as data that is protected against unwarranteddisclosure. Protection of sensitive data may be considered for legal,ethical, or other reasons, including issues pertaining to personalprivacy, or for proprietary considerations.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates a diagram of an example device, according to thepresent disclosure.

FIG. 2 illustrates a diagram of example graphical user interface (GUI)displays, according to the present disclosure.

FIG. 3 is a block diagram of an example system for hiding sensitivedata, according to the present disclosure.

FIG. 4 illustrates an example method for hiding sensitive data,according to the present disclosure.

FIG. 5 illustrates an example method for hiding sensitive data,according to the present disclosure.

DETAILED DESCRIPTION

Hiding sensitive data from documents may be valuable to users. Forinstance, when a user copies a document, the user may want to removesensitive data, such as a social security number, name, address, phonenumber, etc. As used herein, sensitive data refers to data that needs tobe protected from unauthorized access to safeguard privacy and/orsecuring of an individual and/or organization. Sensitive data mayinclude, for instance, personal data (e.g., Social Security Number,credit card number, financial data, etc.), business data (e.g., tradesecrets, sales and marketing plans, financial data, etc.), and/orclassified data (e.g., data subject to special security classificationregulations). Some approaches to sensitive data removal require a userto make a copy of the document and then remove the sensitive data, forinstance sending a scanned document to a computer with an imageprocessing software and manually removing the data from the image bycropping or smudging the piece of the document that contains thesensitive data. The document then is sent back to a printer if printingis desired.

In contrast, examples of the present disclosure allow for the hiding ofsensitive data on a single device such as a printing device. Forinstance, the device may receive a scan of a document containing seismicdata. A preview of the document may be displayed on a panel located onthe device, such as a GUI. Via the GUI, options may be presented to auser with respect to editing, limiting, and/or hiding certaininformation (e.g., the sensitive data) in the document. A preview of thenewly edited document may be presented via the GUI, and once approval isreceived, the scanning process can be completed, No outside computingdevice or processor is necessary, as the device houses all necessarycomponents and functionalities to complete the scanning and hiding ofthe sensitive data. In some examples, the device may print or send thescanned document upon receipt of such commands.

In addition, some prior approaches to sensitive data removal only allowfor editing of textual data (e.g., text blocks) on a separate computingdevice and may require the use of optical character recognition (OCR).In contrast, examples of the present disclosure allow for hidingsensitive data located in an image or irregularly shaped item, withoutsending the document to a second device and without the use of OCR. Forinstance, by previewing the document via a GUI, commands to edit and/orhide sensitive data may be received at the single device, and thesecommands may include the removal of image data, a combination of imageand textual data, and/or irregularly shaped data. For instance, a usermay choose to hide sensitive data by circling the area to be hidden, andthe device may hide that circular-shaped portion without sending theinformation to a different device (e.g., a separate computing device).

Examples of the present disclosure can simplify and quicken the hidingof sensitive data from a document and can increase security, as thedocument is not sent to another device, avoiding sending the documentover a network that may not be encrypted. Examples of the presentdisclosure can also decrease costs by eliminating a need for a userlicense of image processing software and can eliminate a need for both ascanning/printing device and a computing device.

FIG. 1 illustrates a diagram of an example device 100, according to thepresent disclosure. Device 100 may be a printing device and/or ascanning device, for instance. Device 100 may include a scanning portion102 to receive a scan of a document. For instance, a user may place adocument on the scanning portion 102, and device 100 may receive thescan of the document. The scanned document can include textual data,image data, and/or irregularly shaped data, among others. The scan ofthe document, in some examples may include sensitive data such as, forinstance, the user's Social Security Number.

Device 100 may include a GUI 104. GUI 104 may be a touchscreen GUI orother type of GUI that accepts user input. GUI 104 may be an interfacethat allows users to interact with device 100 through icons and visualindicators. GUI 104 may also allow for, in some instances, text-basedinteraction, typed interaction, and/or text navigation, among others.GUI 104 may receive and accept commands from a user with respect to thescanned document or other actions of device 100. These commands mayinclude commands both related and unrelated to the sensitive data.

Device 100 may include a processor (not illustrated in FIG. 1). Theprocessor may be within device 100 and communicably coupled to scanningportion 102 and/or GUI 104. The processor may further be incommunication with a machine-readable storage medium, as illustrated inFIG. 3. The processor may analyze the scan of the document received bythe scanning device, process a command received at the GUI, makedeterminations with respect to sensitive data in the document based onthe commands, and perform actions based on those determinations. Actionsmay include, for instance, cropping the sensitive data to hide it,blurring the sensitive data to hide it, and/or hiding a portion of thesensitive data, among others. These actions may be performed in responseto commands received via GUI 104 in some instances.

Analyzing the scan may include determining whether or not the scanneddocument include sensitive data and/or determining whether the data(both sensitive and non-sensitive data) contained in the document istextual data, image data, irregularly-shaped data, and/or a combinationof data types, Processing the command may include determining what thecommand is directing, including for instance, hiding a portion of or allof the sensitive data, zooming in or out on the scanned document via theGUI, etc.

The processor may also send the scanned document over a network. Thismay be to an email address, a cloud-based storage, and/or a networkdevice, among others. For instance, a command may be received at device100 (e.g., via GUI 104) to send the scanned document upon completion ofthe hiding of the sensitive data and finishing of the scan to an emailaddress or other device (e.g., a computing device), This may be sentover a number of networks, including, for instance, a local areanetwork, among others.

Device 100 may also include a printing portion to print the scanneddocument in response to the scanning portion 102 finishing the scan ofthe document. The scanning portion 102 may finish the scan in responseto the performed actions noted above. In some examples, device 100 maybe a printing device capable of printing documents. A command may bereceived at device 100 (e.g., via GUI 104) to print the scanned documentupon completion of the hiding of the sensitive data and/or completion ofthe scan, for instance.

Device 100 may also include a database located on the device (notillustrated in FIG. 1) for storing the scanned document. For instance,upon completion of the scan, the scanned document (e.g., with sensitivedata hidden) may be stored on the device alternatively to or in additionto sending the scanned document over a network and/or printing thescanned document.

FIG. 2 illustrates a diagram of an example GUI (e.g., GUI 104illustrated in FIG. 1) at different stages 220-1, 220-2, and 220-3 of ascanning and/or sensitive data hiding process. While three stages areillustrated in FIG. 2, any number of stages may occur. The GUI may belocated on a device, such as device 100 illustrated in FIG. 1. Stage220-1 illustrates a preview 222-1 of a scanned document. The documentmay include textual data, image data, and/or a combination of the two.The document may also include sensitive data, as illustrated at 224-1.

Stage 220-1 may include a display of options 226-1 for a user including,for instance, “edit”, “zoom in”, and “zoom out”, among others. A usermay press one of these options to change the preview (e.g., “zoom in” tomake it larger) or to change the document in some way (e.g., “edit” or“hide sensitive data”, etc.). Stage 220-1 may also include a “finishscan” option 227. This option may be selected by a user if the userchooses not to edit the scanned document. Upon receiving this command,the device may complete the scan of the document.

Stage 220-2 may be a stage subsequent to that of stage 220-1. Forinstance, stage 220-2 may be displayed after the device receives acommand from the user to edit the document. Stage 220-2 illustrates apreview 222-2 of the scanned document, as well as options 226-2. Options226-2 may include, for instance, “zoom in” and “zoom out”, as well asoptions for hiding sensitive data, such as “blur” and crop“. A user mayselect one or more of” these options to edit and/or hide sensitive data224-2. For instance, the device may receive a command via the GUI as towhere the sensitive data is (e.g., by selecting via a touchscreen),and/or the device may identify the location of sensitive dataautomatically. As used herein, automatically means with limited or nouser input and/or with limited or no prompting.

In response to the location of the sensitive data, a user may choose amethod for hiding it, as well as which portions of the sensitive data tohide (e.g., some, all; certain types, etc.). Stage 220-2 may alsoinclude a “finish edit” option 226-2. A user may select this option ifthe user is satisfied with his or her edit and is ready to complete thescan of the document.

Stage 220-3 may be a stage subsequent to that of stage 220-2. Forinstance, stage 220-3 may be displayed in response to receiving acommand to crop sensitive data 224-2. Like stages 220-1 and 220-2, stage220-2 illustrates a preview 222-3 of the scanned document, as well asoptions 226-3.

However, preview 222-3 no longer includes visible sensitive data, butinstead includes hidden sensitive data 225, which has been cropped outof the document in response to a command from a user. Options 226-3 maybe the same or similar to options 226-2, and may allow for a user tofurther edit (or remove edits) on the scanned document 222-3. Stage220-3 may also include “finish edit” option 226-3, which allows forfinalization of the edit before finishing the scan. Upon completion ofthe edit, a user may see stage 220-1 again, with the preview 222-1including hidden sensitive data, and with the “finish scan” option 227available. Stage 220-1 or an alternative stage may also include anoption to send the scanned document to another device (e.g., via anetwork) or to print the scanned document using the device. The commandoptions 226-1, 226-2, 226-3 illustrated in FIG. 2 are meant to beexamples. Command options may include more, fewer, and/or differentoptions than those shown in FIG. 2.

FIG. 3 is a block diagram of an example system 311 for hiding sensitivedata, according to the present disclosure. System 311 may include atleast one computing device that is capable of communicating with atleast one remote system. In the example of FIG. 3, system 311 includes aprocessor 305 and a machine-readable storage medium 313. Although thefollowing descriptions refer to a single processor and a singlemachine-readable storage medium, the descriptions may also apply to asystem with multiple processors and multiple machine-readable storagemediums. In such examples, the instructions may be distributed (e.g.,stored) across multiple machine-readable storage mediums and theinstructions may be distributed (e.g., executed by) across multipleprocessors.

Processor 305 may be one or more central processing units (CPUs),microprocessors, and/, or other hardware devices suitable for retrievaland execution of instructions stored in machine-readable storage medium313. In the particular example shown in FIG. 3, processor 305 mayreceive, determine, and send instructions 315, 316, 317, 318, 319, and321 for hiding sensitive data. As an alternative or in addition toretrieving and executing instructions, processor 305 may include one ormore electronic circuits comprising a number of electronic componentsfor performing the functionality of one or more of the instructions inmachine-readable storage medium 313. With respect to the executableinstruction representations (e.g., boxes) described and shown herein, itshould be understood that part or all of the executable instructionsand/or electronic circuits included within one box may, in alternateembodiments, be included in a different box shown in the figures or in adifferent box not shown.

Machine-readable storage medium 313 may be any electronic, magnetic,optical, or other physical storage device that stores executableinstructions. Thus, machine-readable storage medium 313 may be, forexample, Random Access Memory (RAM), an Electrically-ErasableProgrammable Read-Only Memory (EEPROM), a storage drive, an opticaldisc, and the like. Machine-readable storage medium 313 may be disposedwithin system 311, as shown in FIG. 3. In this situation, the executableinstructions may be “installed” on the system 311. Additionally and/oralternatively, machine-readable storage medium 313 may be a portable,external or remote storage medium, for example, that allows system 311to download the instructions from the portable/external/remote storagemedium. In this situation, the executable instructions may be part of an“installation package”. As described herein, machine-readable storagemedium 313 may be encoded with executable instructions for hidingsensitive data.

Referring to FIG. 3, scan instructions 315, when executed by a processor(e.g., 305), may cause system 311 to analyze a scan of a documentreceived at a device. As discussed with regard to FIG. 1, the scan maybe received via scanning portion 102. For instance, a user may place adocument on scanning portion 102, and device 100 may receive a command(e.g., via GUI 104 or another input) to scan the document.

Display instructions 316, when executed by a processor (e.g., 305), maycause system 311 to display the scan of the document via a GUI locatedon the device. As discussed with regard to FIG. 1, this GUI 104 may belocated on device 100. For instance, a preview of the document, asillustrated in FIG. 2, may be displayed for review by a user and/or so adetermination may be made with respect to sensitive data that may becontained in the document.

Command instructions 317, when executed by a processor (e.g., 305), maycause system 311 to receive a command via the GUI to hide sensitiveimage data from the scan of the document. In some instances, thesensitive image data may further include textual data, such that thesensitive data is a combination of both image and textual data. Asdiscussed with regard to FIG. 1, the command can come via GUI 104.

Example commands received may include directions to blur and/or crop thesensitive data in order to hide it. For instance, it may be desired toblur a name, address, phone number, etc. from the document, making itunreadable. A user may select via the GUI, a word, number, phrase, etc.to hide. The command may include directions to hide a particular portionof the sensitive data. For instance, a Social Security Number may behidden, while a name remains. A command may include, in some instances,directions to hide an irregularly shaped portion of the sensitive data.For instance, image data may be shaped irregularly (e.g., a person'sface, a name located on a shirt in a photo, etc.). Additionally oralternatively, a command may include directions to hide a shape drawingby a user via the GUI of a portion of sensitive data to be hidden. Forinstance, a circle or other shape may be drawn by a user via the GUI(e.g., using a touchscreen) round a particular portion of the sensitivedata to be hidden.

Command instructions 317 when executed by a processor (e.g., 305), mayalso cause system 311 to receive a command unrelated to the sensitivedata. For instance, a user may want to get a closer view of the scanneddocument in the preview, so he or she may want to zoom in (or out) onthe scanned document. In such an example, the device receives a commandto zoom in or out (e.g., via the GUI), and in response, adjusts thepreview of the scanned document accordingly. While zoomed in or out, theuser may also edit the document. Other commands may be present on theGUI, as well.

The location instructions 318, when executed by a processor (e.g., 305),may cause system 311 to determine a location of the sensitive image databased on the command. For instance, based on the portion of sensitivedata selected by the user, the device determines which sensitive data tohide. In some examples, the device may be able to locate the sensitivedata based without user input. The device may present this as potentialsensitive data to a user via the GUI. For instance, the device (e.g.,via the processor) may identify and flag data within the scanneddocument that appears to include sensitive data, including personaldata, business data, and/or classified data. A command may then bereceived via the GUI as to whether or not the user deems this flaggeddata to be sensitive data.

The hide sensitive data instructions 319, when executed by a processor(e.g., 305), may cause system 311 to hide the sensitive image data. Thedata may be hidden in a plurality of ways, including blurring, cropping,blacking out, and/or covering with another image, among others.

The hidden display instructions 321, when executed by a processor (e.g.,305), may cause system 311 to display the scan of the document with thesensitive image data hidden via the GUI. For instance, as discussed withregard to FIGS. 1 and 2, the scan with the hidden sensitive image datamay be displayed via GUI 104 and as illustrated in stage 220-3. Forinstance, a user may be able to review a scanned document with thesensitive data hidden prior to completing a scan of the document. Editsand/or the hiding of the sensitive data may be adjusted, if desired,before finishing the scan.

System 311 may also include finish instructions (not illustrated in FIG.3) that, when executed by a processor (e.g., 305), may cause system 311to finish a scan of the document. For instance, in response to anapproval of the display of the scanned document with the sensitive imagedata hidden, a command may be received (e.g., via the GUI) to complete ascan of the document (e.g., via the scanning portion of the device).Upon completion of the scan, commands may be received as to what actionto take with respect to the completed scanned sensitive-image data-freedocument (e.g., email, save, etc.)

FIG. 4 illustrates an example method 440 for hiding sensitive data,according to the present disclosure. At 442, method 440 may includereceiving a scan of a document at a device, such as device 100 asdiscussed in regards to FIG. 1. For instance, a user may place or inserta document onto or into a scanning portion of the device for scanning.

At 444, method 440 may include displaying the scan of the document via aGUI located on the device. A user may then view the scan on the GUI,which may include options for editing the document, as discussed withrespect to GUI stages 220-1, 220-2, and 220-3 illustrated in FIG. 2. TheGUI may be a touchscreen GUI, allowing for user input and editingthrough multi-touch gestures. Other screen and/or GUI types may be used,however.

Method 440 may include, at 446, determining, using a processor on thedevice, the document contains sensitive data. In some examples, theprocessor may automatically determine the document contains sensitivedata. For instance, the processor may identify and flag potentialsensitive data within the scanned document that appears to includepersonal data, business data, and/or classified data. In some instances,the processor may present this potential data to a user, and a commandmay then be received via the GUI as to whether or not the user deemsthis flagged data to be sensitive data. In other examples, the devicemay automatically hide the data it deems sensitive.

The processor, in some examples, may determine the document containssensitive data based on a command received via the GUI. For instance, auser may choose the data he or she wants hidden using a touchscreen GUI,For instance, a user may select a start and an endpoint of sensitivedata to be hidden. The sensitive data may be located in one location orin more than one location of the document. In an example where there aremultiple locations of sensitive data, commands may be received at thedevice to hide a first starting to ending point, a second starting toending point, and so on, until all the desired portions of the sensitivedata are located in preparation for hiding.

At 448, method 440 may include hiding, using the processor, thesensitive data in response to receiving a command via the GUI to hidethe sensitive data. The sensitive data may be hidden in a plurality ofways, including, for instance, blurring the sensitive data and/orcropping the sensitive data.

In some examples, method 440 can include display, via the GUI, thedocument with the sensitive data hidden. This allows for a preview ofthe document with the sensitive data hidden prior to completing thescan. The GUI may also display options for further editing of thedocument with the sensitive data hidden, as illustrated in stage 220-3of FIG. 2.

Method 440 can also include printing, using the device, the documentwith the sensitive data hidden. For instance, in response to thesensitive data being hidden and the scanning portion of the devicecompleting the scan, the device may print the document with thesensitive data hidden.

In some instances, method 440 can include sending, using the processor,the document over a network. For instance, in response to the sensitivedata being hidden and the scanning portion of the device completing thescan, the processor may send the document with the sensitive data hiddenover a network to an email address, cloud-based storage, network folder(e.g., common personal computer shared folder), and/or another devicewithin or outside of the network, among others. In an example,cloud-based storage can include a sharepoint. In some instances, theprocessor can send the document with the sensitive data hidden to adatabase located on the device for storage.

FIG. 5 illustrates an example method 550 for hiding sensitive data,according to the present disclosure, At 552, the method 550 may includescanning a document and/or receiving a scan of a document at a scanningportion of a device, such as scanning portion 102 and device 100, asdiscussed in regards to FIG. 1, A preview of the scanned document may bedisplayed via a GUI located on the device. The preview may be in theform of an image and/or text, and the scanned document may include imagedata, textual data, irregularly shaped data, and/or other data formats.

At 556, a determination is made as to whether or not the documentcontains sensitive data. This determination may be made in response to acommand received via a GUI on the device, and/or it may be madeautomatically by a processor located on the device. If a determinationis made that the document does not contain sensitive data, the scan iscompleted at 562.

If a determination is made that the document does contain sensitivedata, at 558 a command may be received via a GUI on the device to hidethe sensitive data. For instance, a user may press a button on the GUI(e.g., via a touch-screen) labeled “Edit’ or “Hide Sensitive Data”,However, these are only examples of buttons, and optional commands arenot so limited.

At 560, a command may be received via the GUI to hide a particularportion (or all) of the sensitive data. In response to receiving acommand to edit the document, for instance, a user may be presented witha new screen and may select by hand a portion of the sensitive data tohide. Once the selected sensitive data is hidden, the scan may befinished at 562.

In the foregoing detailed description of the present disclosure,reference is made to the accompanying drawings that form a part hereof,and in which is shown by way of illustration how examples of thedisclosure may be practiced. These examples are described in sufficientdetail to enable those of ordinary skill in the art to practice theexamples of this disclosure, and it is to be understood that otherexamples may be utilized and that process, electrical, and/or structuralchanges may be made without departing from the scope of the presentdisclosure.

The figures herein follow a numbering convention in which the firstdigit corresponds to the drawing figure number and the remaining digitsidentify an element or component in the drawing. Elements shown in thevarious figures herein can be added, exchanged, and/or eliminated so asto provide a number of additional examples of the present disclosure. Inaddition, the proportion and the relative scale of the elements providedin the figures are intended to illustrate the examples of the presentdisclosure, and should not be taken in a limiting sense. As used herein,the designator “N”, particularly with respect to reference numerals inthe drawings, indicates that a number of the particular feature sodesignated can be included with examples of the present disclosure. Thedesignators can represent the same or different numbers of theparticular features. Further, as used herein, “a number of” an elementand/or feature can refer to one or more of such elements and/orfeatures.

As used herein, “logic” is an alternative or additional processingresource to perform a particular action and/or function, etc., describedherein, which includes hardware, e.g., various forms of transistorlogic, application specific integrated circuits (ASICs), etc., asopposed to computer executable instructions, e.g., software firmware,etc., stored in memory and executable by a processor.

What is claimed:
 1. A device comprising: a scanning portion to scan a document in which sensitive data is viewable; a graphical user interface to display the scan of the document with the sensitive data being viewable and to receive a command with respect to the sensitive data depicted in the document; and a processor to: in response to the command and without sending the document over a network, determine the document contains sensitive image data depicting a captured image of an object; and perform an action to hide the sensitive image data from the scanned document and to generate an electronic version of the scanned document in which the sensitive image data is not accessible; the scanning portion to finish the scan of the document in response to the performed action; and a printing portion to subsequently print the document with the sensitive image data removed, after the action to hide the sensitive image data is performed.
 2. The device of claim 1, further comprising: the processor to subsequently send the document over a network.
 3. The device of claim 1, further comprising a database located on the device to store the scan of the document with the sensitive image data removed.
 4. The device of claim 1, wherein the graphical user interface is to: display the scan of the document and the sensitive image data, and receive the command indicative of a location or content of the sensitive image data depicted in the displayed scan; and the processor is to: determine the location of the sensitive image data based on the received command and the location or content of the sensitive image data depicted in the displayed scan, and perform the action to hide the sensitive image data by altering the sensitive image data and generating a scanned version of the document with the sensitive image data altered.
 5. The device of claim 4, wherein the processor is to perform the action to hide the sensitive image data by, in response to the received command being indicative of content of the sensitive image data, search the scan of the document for instances of the content, and alter each instance of the sensitive image data to render the sensitive image date inaccessible in the generated scanned version of the document.
 6. The device of claim 4, wherein the graphical user interface is to receive the command indicative of the location of the sensitive image data based on a user selection of a region of a touch screen on which the scan of the document is depicted; and the processor is to determine the location of the sensitive image data based on the location of the data and the region of the touch screen selected by the user, and to alter the sensitive image data by obscuring text and images displayed within the region of the touch screen.
 7. A method, comprising: scanning, using a device, a document in which sensitive data is viewable; displaying a scan of the document including the sensitive data via a graphical user interface located on the device; determining, using a processor located on the device and without sending the document over a network, that the document contains sensitive image data depicting a captured image of an object; performing an action to hide, using the processor, the sensitive image data from the scan of the document in response to receiving a command via the graphical user interface to hide the sensitive image data; finishing the scan of the document, using the processor, in response to the performed action; and generating, using the processor, an electronic version of the scanned document in which the hidden sensitive image data is inaccessible.
 8. The method of claim 7, further comprising displaying, via the graphical user interface, the generated electronic version of the document with the sensitive image data hidden.
 9. The method of claim 7, further comprising printing, using the device, the generated electronic version of the document with the sensitive image data hidden.
 10. The method of claim 7, further comprising sending, using the processor, the generated electronic version of the document over a network to an email address.
 11. The method of claim 7, further comprising sending, using the processor, the generated electronic version of the document over a network to at least one of cloud-based storage and a network folder.
 12. The method of claim 7, further comprising automatically determining, using the processor, the document contains sensitive image data.
 13. A non-transitory machine-readable medium containing instructions executable by a processor to: scan, using a device, a document in which sensitive data is viewable; display the scan of the document via a graphical user interface located on the device; receive a command via the graphical user interface to hide sensitive image data from the scan of the document, the sensitive image data depicting a captured image of an object; determine a location of the sensitive image data based on the command; perform an action to hide the sensitive image data by covering the sensitive image data with another image; finish the scan of the document in response to the performed action; and display the scan of the document with the sensitive image data hidden via the graphical user interface.
 14. The non-transitory machine-readable medium of claim 13, wherein the sensitive image data comprises irregularly-shaped image data captured in a photograph.
 15. The non-transitory machine-readable medium of claim 13, wherein the sensitive image data further comprises textual data.
 16. The non-transitory machine-readable medium of claim 13, further comprising the instructions executable by the processor to hide the sensitive image data by blurring the sensitive image data.
 17. The non-transitory machine-readable medium of claim 13, further comprising the instructions executable by the processor to hide the sensitive image data by cropping the sensitive image data.
 18. The non-transitory machine-readable medium of claim 13, wherein the instructions to receive a command via the graphical user interface includes instructions to receive a user-drawn shape via the graphical user interface, a particular portion of the sensitive image data to be hidden.
 19. The non-transitory machine-readable medium of claim 13, wherein the document includes a photograph, and wherein the instructions to receive a command via the graphical user interface to hide sensitive image data from the scan of the document include instructions to receive a command to hide irregularly shaped image data in the photograph to be hidden. 